Patching bootchain

First we need to decrypt iBSS and iBEC.

img4 -i iBSS* -o ibss.dec -k ivkey -D


img4 -i iBEC* -o ibec.dec -k ivkey -D


Now we need to extract iBSS and iBEC to raw.

img4tool -e -o ibec.raw ibec.dec


img4tool -e -o ibss.raw ibss.dec



Now we need to patch extracted iBSS and iBEC using iBoot64Patcher.

iBoot64Patcher ibec.raw ibec.patched -b "rd=disk0s1s3 -v"


iBoot64Patcher ibss.raw ibss.patched



Now you need to repack iBSS and iBEC back to im4p and then convert them to img4 using img4tool.

img4tool -p ibec.im4p --tag ibec --info ibec ibec.patched


img4tool -p ibss.im4p --tag ibss --info ibss ibss.patched



Convert them to img4.

img4tool -p ibec.im4p -c ibec.img4 -s blob.shsh2


img4tool -p ibss.im4p -c ibss.img4 -s blob.shsh2



After you do this, iBSS and iBEC are done!
Now we need to convert the devicetree and kernel to img4 and change their tags.

img4tool -p DeviceTree* -c devicetree.img4 -s blob.shsh2



img4tool -p kernelcache* -c kernel.img4 -s blob.shsh2



Now we need to update the devicetree and kernel tags.


Here is how it should look. After you do this, the devicetree is done. We need to change the kernel tag too.


After you do this, the kernel is done! Save it, of course.
That's it! You can now proceed to the last step!
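
To check which 4-character tag an im4p or img4 file carries after the steps above, the container header can be read directly: both are DER-encoded sequences that start with the strings "IM4P" or "IMG4", followed by the tag and the description. The Python script below is an added example, not part of the original guide or of img4tool; the function names, the script name im4tag.py and the sample bytes are constructed for illustration.

```python
import sys

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("DER element runs past end of data")
    return tag, pos, pos + length

def read_ia5(buf, pos):
    """Decode the IA5String (tag 0x16) at pos; return (text, next_pos)."""
    tag, start, end = read_tlv(buf, pos)
    if tag != 0x16:
        raise ValueError(f"expected IA5String, got tag 0x{tag:02x}")
    return buf[start:end].decode("ascii"), end

def image_tag(buf):
    """Return (container, tag, description) for IM4P or IMG4 bytes."""
    tag, pos, _ = read_tlv(buf, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    magic, pos = read_ia5(buf, pos)
    if magic == "IMG4":  # IMG4 carries the IM4P as its second element
        tag, pos, _ = read_tlv(buf, pos)
        inner, pos = read_ia5(buf, pos)
        if tag != 0x30 or inner != "IM4P":
            raise ValueError("IMG4 does not wrap an IM4P")
    elif magic != "IM4P":
        raise ValueError(f"unknown container {magic!r}")
    fourcc, pos = read_ia5(buf, pos)
    return magic, fourcc, read_ia5(buf, pos)[0]

def der(tag, body):  # DER encoder, used only to build the constructed sample
    n = len(body)
    size = bytes([n]) if n < 0x80 else bytes([0x81 + (n > 0xFF)]) + n.to_bytes(1 + (n > 0xFF), "big")
    return bytes([tag]) + size + body

# Constructed sample (not real firmware): tag and description "ibec", 300 zero bytes.
SAMPLE_IM4P = der(0x30, der(0x16, b"IM4P") + der(0x16, b"ibec") * 2 + der(0x04, bytes(300)))

if __name__ == "__main__":  # usage: python3 im4tag.py ibec.im4p kernel.img4
    for path in sys.argv[1:]:
        print(path, *image_tag(open(path, "rb").read()))
```

Run it on each file before and after changing a tag; a truncated or non-IMG4 file raises ValueError instead of printing a tag.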
First boot